SAP Cloud Connector, before version 2.11.3, allows an attacker to inject code that can be executed by the application. An attacker could thereby control the behavior of the application.
oryginał ENCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HSap Cloud Connector
APPSap< 2.11.3
Powiązane podatności
Potentially, SAP Cloud Connector, version - 2.0 communication with the backend is accepted without sufficient ...
SAP Cloud Connector, before version 2.11.3, does not perform any authentication checks for functionalities tha...
Due to improper validation of certificate in SAP Cloud Connector - version 2.0, attacker can impersonate the g...
SAP Cloud Connector, version - 2.0, allows the upload of zip files as backup. This backup file can be tricked ...
SAP Cloud Connector, version - 2.0, does not sufficiently encode user-controlled inputs, allowing an attacker ...